Tim Newsom cephdon at gmail.com
Thu Jul 19 02:37:33 CEST 2007

On Wed, 18 Jul 2007 17:02, Jeff Andros wrote:
> I haven't used a mac other than casually (checking email) since os9... 
> so I'm not so up on growl.  I'd like basically arbitrary code 
> execution, but with some (read LOTS) of protection on how that gets 
> registered (can't let Sean's dad install malware that fire off every 
> time the phone rings, can we?).   I'm also still liking a shell script 
> that gets fired off, yeah, it's got a bit of overhead, but if you get 
> into binary programs as fast as possible, and just use the script to 
> link up the purpose built programs ( I.E. the whole reason shell 
> scripts exist) it might not be too bad... something to investigate I 
> guess

Why not use something like a sandbox?
I found a something on sourceforge something like 
sandboxing.sourceforge.net... But basically it just prevents 
applications in the sandbox from doing things without permission.  And 
it can be set to either send an error or block and send an event to some 
queue for other action...

Seems like we can set it up so that:
The installer is trusted...
Signed applications (with approved cert) can be auto full trusted
User can choose to give trust levels if desired...

If its flexible enough, might this (or something like it) provide some 
or most of the unauthorized program access protection we want?


More information about the community mailing list